CN112688845B - Communication method and device of vehicle-mounted CAN network - Google Patents
Communication method and device of vehicle-mounted CAN network Download PDFInfo
- Publication number
- CN112688845B CN112688845B CN202011535537.XA CN202011535537A CN112688845B CN 112688845 B CN112688845 B CN 112688845B CN 202011535537 A CN202011535537 A CN 202011535537A CN 112688845 B CN112688845 B CN 112688845B
- Authority
- CN
- China
- Prior art keywords
- data
- key
- vehicle
- network
- counter
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Small-Scale Networks (AREA)
Abstract
The application relates to a communication method and a device of a vehicle-mounted CAN network, wherein the communication method of the vehicle-mounted CAN network is applied to a sender, and the method comprises the following steps: acquiring a first secret key and a current fresh value of a vehicle-mounted CAN network; splicing the first secret key and the fresh value to obtain a splicing result; determining a second key based on the splicing result and the data length of the CAN data to be sent; and encrypting the CAN data to be transmitted by using the second key. According to the method and the device, the encryption of the CAN bus message data CAN be realized under the condition that the CAN bus load is not increased, the privacy of the vehicle CAN bus data is protected, and the communication performance of the CAN bus is ensured.
Description
Technical Field
The application relates to the technical field of communication safety, in particular to a communication method and device of a vehicle-mounted CAN network.
Background
The existing control functions in the automobile are mostly controlled by a CAN bus, and various electronic control units in the automobile send CAN messages to the CAN bus to control all parts of the automobile. However, in the industry, at present, no encryption processing is performed on the bus message, and a private protocol mode is adopted to protect the bus message information, so that the CAN bus communication protocols of all models are different, and cannot be unified, and the maintenance cost is high. And once the bus proprietary protocol is compromised, or reversed by a hacker, the in-vehicle bus CAN cause an attack on the vehicle by injecting well-constructed attack traffic into the CAN bus, without any security whatsoever.
In the existing bus security protection scheme, an original message and a fresh value are connected and filled to meet the data length of basic block encryption, then a key and an encryption algorithm are used to encrypt the filled data, then a part of ciphertext is intercepted as an MAC (message authentication code), and then plaintext data and the MAC are spliced together to form a final security message for transmission. The SECOC scheme ensures the authenticity and integrity of messages on the CAN bus through a MAC mechanism. However, the data field part still appears in a plaintext form, and the privacy of the data field part cannot be guaranteed; meanwhile, the SECOC scheme occupies a large amount of CAN message load, thereby leading to the improvement of bus load rate, the reduction of communication real-time performance and even the influence on normal functions.
Disclosure of Invention
In view of the foregoing problems in the prior art, an object of the present application is to provide a communication method and apparatus for a vehicle-mounted CAN network, which CAN encrypt CAN bus message data without increasing a CAN bus load, and protect vehicle CAN bus data privacy.
In order to achieve the above object, an embodiment of the present application provides a communication method for a vehicle-mounted CAN network, which is applied to a sender, and the method includes:
acquiring a first secret key and a current fresh value of a vehicle-mounted CAN network;
splicing the first secret key and the fresh value to obtain a splicing result;
determining a second key based on the splicing result and the data length of the CAN data to be sent;
and encrypting the CAN data to be transmitted by using the second key.
In some embodiments, determining the second key based on the splicing result and the data length of the CAN data to be transmitted includes:
performing hash operation on the splicing result to obtain a hash value;
and intercepting data with corresponding length from the hash value as the second key according to the data length of the CAN data to be sent.
In some embodiments, encrypting the CAN data to be transmitted using the second key includes:
and carrying out bitwise XOR on the CAN data to be sent and the second secret key to obtain a CAN data ciphertext.
In some embodiments, the algorithm of the hash operation includes an SM3 algorithm, an MD5 algorithm, or an SHA algorithm, and the hash value is 32 bytes in length.
In some embodiments, the fresh value is determined based on a frame counter, the fresh value including a trip counter, a reset counter, a message counter, and a reset flag.
In some embodiments, the on-board CAN network comprises a master electronic control unit and at least one slave electronic control unit, the trip counter, reset counter and message counter each being monotonically incremented, the trip counter and reset counter of the slave electronic control unit being updated synchronously with changes in the trip counter and reset counter of the master electronic control unit; the message counter counts and updates when each CAN data message is successfully transmitted; the reset mark synchronizes the count value of the reset counter in the main electronic control unit in real time.
In some embodiments, the fresh value is 8 bytes in length, and the trip counter and the reset counter are both 3 bytes.
The embodiment of the application further provides a communication method of the vehicle-mounted CAN network, which is applied to a receiving party, and the method comprises the following steps:
acquiring a third key and a current fresh value of the vehicle-mounted CAN network;
splicing the third key and the fresh value to obtain a splicing result;
determining a fourth key based on the splicing result and the data length of the CAN data received by the receiver;
and decrypting the received CAN data by using the fourth key.
The embodiment of the present application further provides a communication device of a vehicle-mounted CAN network, which is applied to a sender, and includes:
the device comprises an acquisition module, a storage module and a control module, wherein the acquisition module is configured to acquire a first secret key and a current fresh value of an on-board CAN network;
the splicing module is configured to splice the first secret key and the fresh value to obtain a splicing result;
a determining module configured to determine a second key based on the splicing result and a data length of the CAN data to be transmitted;
an encryption module configured to encrypt the CAN data to be transmitted using the second key.
The embodiment of the present application further provides a communication device of a vehicle-mounted CAN network, which is applied to a sender, and includes:
the acquisition module is configured to acquire a third key and a current fresh value of the vehicle-mounted CAN network;
the splicing module is configured to splice the third key and the fresh value to obtain a splicing result;
a determination module configured to determine a fourth key based on the splicing result and a data length of the CAN data received by the receiving side;
a decryption module configured to decrypt the received CAN data using the fourth key.
Compared with the prior art, the communication method and the communication device for the vehicle-mounted CAN network provided by the embodiment of the application CAN obtain the temporary secret key based on the master secret key and the current fresh value when the sender sends the CAN data or the receiver receives the CAN data, encrypt or decrypt the CAN data through the temporary secret key, and the actual encrypted or decrypted secret key changes along with the real-time dynamic change of the fresh value, so that the safety of the CAN data CAN be ensured. Meanwhile, the temporary secret key is determined based on the continuously updated fresh value, so that the secret key can be effectively prevented from being leaked, and the data security is further improved. In addition, in the embodiment of the application, the fresh value does not need to be connected with the CAN data, filled and the like, the original CAN message data CAN be encrypted under the condition that the data load of the CAN bus is not increased, and the communication performance of the CAN bus is ensured.
Drawings
In the drawings, which are not necessarily drawn to scale, like reference numerals may describe similar components in different views. Like reference numerals having letter suffixes or different letter suffixes may represent different instances of similar components. The drawings illustrate various embodiments, by way of example and not by way of limitation, and together with the description serve to explain the claimed embodiments. The same reference numbers will be used throughout the drawings to refer to the same or like parts, where appropriate. Such embodiments are illustrative, and are not intended to be exhaustive or exclusive embodiments of the present apparatus or method.
Fig. 1 is a flowchart of a communication method of a vehicle-mounted CAN network according to an embodiment of the present application;
FIG. 2 is a schematic structural diagram of fresh values of an embodiment of the present application;
FIG. 3 is a block diagram of fresh value management according to an embodiment of the present application;
fig. 4 is a flowchart of a communication method of another vehicle-mounted CAN network according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a communication device of an in-vehicle CAN network according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of another communication device of an in-vehicle CAN network according to an embodiment of the present application.
Detailed Description
Specific embodiments of the present application will be described in detail below with reference to the accompanying drawings, but the present application is not limited thereto.
It will be understood that various modifications may be made to the embodiments disclosed herein. Accordingly, the foregoing description should not be construed as limiting, but merely as exemplifications of embodiments. Those skilled in the art will envision other modifications within the scope and spirit of the application.
The accompanying drawings, which are incorporated in and constitute a part of the specification, illustrate embodiments of the application and, together with a general description of the application given above and the detailed description of the embodiments given below, serve to explain the principles of the application.
These and other features of the present application will become apparent from the following description of preferred forms of embodiment, given as non-limiting examples, with reference to the accompanying drawings.
It should also be understood that, although the present application has been described with reference to some specific examples, a person of skill in the art shall certainly be able to achieve many other equivalent forms of application, having the characteristics as set forth in the claims and hence all coming within the field of protection defined thereby.
The above and other aspects, features and advantages of the present application will become more apparent in view of the following detailed description when taken in conjunction with the accompanying drawings.
Specific embodiments of the present application are described hereinafter with reference to the accompanying drawings; however, it is to be understood that the disclosed embodiments are merely examples of the application, which can be embodied in various forms. Well-known and/or repeated functions and constructions are not described in detail to avoid obscuring the application of unnecessary or unnecessary detail. Therefore, specific structural and functional details disclosed herein are not to be interpreted as limiting, but merely as a basis for the claims and as a representative basis for teaching one skilled in the art to variously employ the present application in virtually any appropriately detailed structure.
Fig. 1 is a flowchart of a communication method of a vehicle-mounted CAN network according to an embodiment of the present application. As shown in fig. 1, the present embodiment provides a communication method of an on-vehicle CAN network, which is applied to a sender of CAN data of a vehicle, where the sender is an Electronic Control Unit (ECU) of the vehicle, the vehicle may be provided with a plurality of electronic control units, different electronic control units are connected through a CAN bus to form the on-vehicle CAN network, and each electronic control unit performs point-to-point data information transmission and exchange through the CAN bus. The CAN data refers to network communication data on a vehicle CAN bus, and CAN comprise a plurality of CAN message data, and the CAN message data CAN be transmitted between a sender and a receiver. In the embodiment of the present application, the sender may be a master electronic control unit or a slave electronic control unit, and is not limited specifically. In the vehicle-mounted CAN network, the electronic control unit comprises a main electronic control unit (Master ECU) and at least one Slave electronic control unit (Slave ECU) connected with the main electronic control unit through a bus.
The communication method of the vehicle-mounted CAN network comprises the following steps:
step S101: and acquiring a first secret key and a current fresh value of the vehicle-mounted CAN network.
Specifically, before a sender sends CAN data, a first key and a current fresh value of the vehicle-mounted CAN network are acquired.
The first key is a master key of the vehicle, and is predetermined and stored. The whole vehicle manufacturer can statically distribute the master key when the vehicle is off-line to configure the program, and can also dynamically distribute the master key to the vehicle by using the cloud server. The sender can directly obtain the first key or request the cloud server to obtain the first key, and the cloud server sends the first key to the sender ECU of the vehicle after receiving the key request.
In some embodiments, all electronic control units may communicate with each other using the same first key, i.e. the same first key may be used between a sender and different receivers. In other embodiments, different first keys are used for communication between different electronic control units, that is, different first keys are used between a sender and different receivers, data encrypted transmission is performed between the sender and the first receiver through the first key, and data encrypted transmission is performed between the sender and the second receiver through another first key. In a specific implementation, the first key used between the sender and the receiver corresponds to the first key used for data encryption and decryption.
It CAN be understood that the same electronic control unit CAN transmit the CAN data and also CAN data, and CAN data CAN be transmitted to a plurality of electronic control units at the same time or CAN data transmitted by a plurality of electronic control units CAN be received at the same time.
The freshness value (also called freshness value) is a value which is continuously updated according to certain logic, so that the risk that the vehicle CAN network is repeatedly attacked CAN be reduced. The fresh value can be stored in the electronic control unit or in the memory of the vehicle, so that the fresh value can be called in time when the sender uses the fresh value. In the embodiment of the application, the current fresh value refers to the current fresh value of a vehicle CAN network formed by an electronic control unit and a vehicle CAN bus when a sender prepares to send CAN data.
Step S102: and splicing the first secret key and the fresh value to obtain a splicing result.
In particular, the first key and the fresh value may be concatenated into a string of arbitrary length.
Step S103: and determining a second key based on the splicing result and the data length of the CAN data to be sent.
In step S103, determining a second key based on the splicing result and the data length of the to-be-transmitted CAN data, specifically including:
step S1031: performing hash operation on the splicing result to obtain a hash value;
specifically, the concatenation result may be subjected to a hash operation by using an SM3 algorithm, an MD5 algorithm, or an SHA algorithm, to obtain a hash value. The hash algorithm is an algorithm that inputs a message of an arbitrary bit length and outputs a hash value of a fixed bit length. In the embodiment of the application, the splicing results with different data lengths can be output as hash values with uniform data lengths, and the length of the hash values can be 32 bytes. In the step, the irreversibility of the Hash algorithm is utilized, the leakage of the main key can be prevented, and meanwhile, the non-reusability of the fresh value is ensured.
Step S1032: and intercepting data with corresponding length from the hash value as the second key according to the data length of the CAN data to be sent.
Specifically, the data of the corresponding length may be intercepted from the head of the hash value as the second key, or may be intercepted from any other part (e.g., the tail or the middle) of the hash value. Intercepting from the head, convenient operation, and CAN intercept the data with the same data length as the CAN data as the second key.
In the application, since the maximum value of the data length of the CAN data to be sent is 8 bytes (64 bits), the hash value is set to 32 bytes, and it CAN be ensured that data with the same data length as the CAN data in the hash value CAN be intercepted as the second key.
Step S104: and encrypting the CAN data to be transmitted by using the second key.
After the second key is obtained, the second key and an encryption algorithm CAN be used to encrypt the CAN data to be transmitted.
Specifically, step S104 includes:
and carrying out bitwise XOR on the CAN data to be sent and the second secret key to obtain a CAN data ciphertext.
Because the CAN data to be sent has the same data length with the second key, the CAN data CAN be quickly encrypted by adopting a bitwise exclusive OR mode, thereby improving the communication transmission efficiency.
The communication method applied to the vehicle-mounted CAN network of the sender, provided by the embodiment of the application, CAN be used for obtaining the temporary secret key based on the master secret key and the current fresh value when the sender sends the CAN data, and encrypting the CAN data through the temporary secret key. Meanwhile, the temporary secret key is determined based on the continuously updated fresh value, so that the secret key can be effectively prevented from being leaked, and the data security is further improved. In addition, in the embodiment of the application, the fresh value does not need to be connected with the CAN data, filled and the like, the original CAN message data CAN be encrypted under the condition that the data load of the CAN bus is not increased, and the communication performance of the CAN bus is ensured.
Since the second key is determined on the basis of a continuously updated fresh value, the management of the fresh value is particularly important for the protection of the CAN bus data. The freshness value may be determined based on a timestamp (a clock unified for the nodes of the entire vehicle) or a frame counter. In this embodiment, the freshness value is determined based on a frame counter, i.e. in each sender ECU or receiver ECU, a dedicated local frame counter is provided for tracking CAN data transmission events. The frame counter counts only when each CAN message data is successfully transmitted or received, and the problem of time synchronization is avoided. When CAN message data are wrong or lost, the ECU CAN restore normal work through the resynchronization of the frame counter.
In the embodiment, in the vehicle communication system, the Master electronic control unit (Master ECU) is used as a management node to perform unified update management on the fresh values, and the Slave ECU is used as a Slave node to receive the synchronously updated fresh values. The fresh value is a count value that monotonically increases with the transmission of CAN data to ensure that the fresh value used for each subsequent encryption is different. The fresh value may be generated based on a global timer broadcast, a trip counter, or the like, and the embodiment of the present application is not particularly limited. Meanwhile, the fresh values may be cycled in a certain period, that is, the CAN data in one period corresponds to different fresh values, and after one period is finished, the fresh values may be reset, for example, the period may be set to 24 hours.
Fig. 2 is a schematic structural diagram of a freshness value in an embodiment of the present application. As shown in fig. 2, the fresh value includes a Trip Counter (Trip Counter), a Reset Counter (Reset Counter), a Message Counter (Message Counter), and a Reset Flag (Reset Flag), and the length of the fresh value is 8 bytes.
Wherein, the Trip Counter (Trip Counter) is a monotone increment Counter, the initial value is 0, the Trip Counter is automatically increased when the power-on, awakening and other operations are carried out, and the Reset Counter (Reset Counter) is cleared when the Trip Counter is automatically increased; and the Master electronic control unit (Master ECU) puts a new stroke counter and a reset counter into a synchronization message and sends the synchronization message to the Slave electronic control units (Slave ECUs), and all the Slave electronic control units (Slave ECUs) store the stroke counter and the reset counter. The current count value is saved after each increment. Fig. 3 is a block diagram of fresh value management according to an embodiment of the present application. As shown in fig. 3, the stroke counter and the reset counter are periodically broadcast by the master electronic control unit to the respective slave electronic control units.
Further, the count value of the trip counter is preferably 3 bytes (24 bits), and is stored in the memory in the form of 0 xfffffff (in 16 systems), which is converted into a decimal 16777215, and the service life of the vehicle is calculated according to 30 years, 16777215/30/365 ═ 1532. I.e., the power-up may be repeated 1532 times per day on average, and overflow will not occur after 30 years. The stroke counter can effectively resist replay attack, and after the stroke counter overflows, the replay attack cannot be effectively resisted. When the reset counter overflows, the count value of the stroke counter is + 1.
The Reset Counter (Reset Counter) is monotonically increased, different periods can be set for the Reset Counter according to the actual scene of the vehicle, and the period is monotonically increased (namely, Reset Counter + 1); when the reset counter is self-increased, the message counter is cleared; the master electronic control unit sends the current latest stroke counter and reset counter as synchronization messages to the slave electronic control units, and all the slave electronic control units store the stroke counters and the reset counters.
Further, the count value of the reset counter is preferably 3 bytes (24 bits), and is stored in the memory in the form of 0 xfffffff (16 n), which is converted into a decimal 16777215, and the fastest 10MS frame message is sent out on the CAN bus, and the increment period of the reset counter may be set to 200MS, that is, 5 increments per second, and 5 increments 60 increments 24 increments every day, 432000 increments. 16777215/432000 ═ 38.8. I.e. without power down, the reset counter will overflow after day 38, after which it will no longer be able to withstand replay attacks. The increment period of the reset counter may be set according to the actual transmission rate of the CAN message data, and the present application is not particularly limited.
The Message Counter (Message Counter) is monotonically increased, the count value of the sending ECU is increased by one (namely, Message Counter +1) every time the sending ECU sends a Message data frame, and the low bit (Message CntLow) of the Message Counter is intercepted and packaged into a CAN bus Message frame (Secured I-PDU) as a fresh value part. And the receiving ECU also executes the operation of adding one to the counting value after receiving the instruction of successful verification. The CAN message data frames sent by the sender or the CAN message data frames received by the sender CAN be reliably counted through the message counter. The freshness value is added into the CAN bus message frame to judge the freshness of the transmitted CAN data.
Further, the message counter is preferably 14 bits, the upper 10 bits are not present in the message body, and the lower 4 bits are present in the message body, so as to ensure that the message counter does not overflow in one reset period, so as to resist replay attack.
The Reset Flag (Reset Flag) synchronizes the count value from the Reset counter in the main electronic control unit in real time, and takes the low 2 bits of the Reset counter as a fresh value part to be packaged into a CAN bus message frame.
In the embodiment of the application, by constructing the fresh value of 8 bytes and splicing the fresh value with the first key, when the data length of the CAN data is small, the hash value larger than 8 bytes CAN be ensured to be obtained, so that the second key CAN be obtained by interception.
Fig. 4 is a flowchart of a communication method of another in-vehicle CAN network according to an embodiment of the present application. Based on the above communication method applied to the vehicle-mounted CAN network of the sender, the embodiment of the application provides a communication method of the vehicle-mounted CAN network, which is applied to the receiver, and the method comprises the following steps:
step S401: and acquiring a third key and a current fresh value of the vehicle-mounted CAN network.
The third key is a master key matched with the first key of the sender, so that the receiver CAN decrypt the encrypted CAN data sent by the sender conveniently.
The third key can be directly stored in the receiver ECU so as to be directly called by the receiver; the third key CAN also be stored in the sender, and when the sender sends the encrypted CAN data to the receiver, the third key matched with the first key CAN be sent to the receiver together; the receiver ECU may also send a key request to the cloud server to obtain a third key. The third key and the first key may be symmetric keys or asymmetric keys.
The current fresh value is the current fresh value of the vehicle-mounted CAN network when the receiving party receives the CAN data.
In some embodiments, since the second key in encryption is determined based on a fresh value, the receiver also needs to obtain the fresh value when the sender transmits CAN data in the decryption process. That is, the current fresh value may be a fresh value used when the receiver receives the encrypted CAN data and the CAN data is encrypted, which is acquired from the sender.
Step S402: and splicing the third secret key and the fresh value to obtain a splicing result.
Specifically, the third key and the fresh value may be concatenated into a character string of any length.
Step S403: and determining a fourth key based on the splicing result and the data length of the CAN data received by the receiver.
The CAN data received by the receiver is the CAN data encrypted by the sender, and the receiver needs to decrypt the CAN data.
In step S403, determining a fourth key based on the splicing result and the data length of the CAN data received by the receiver includes:
step S4031: performing hash operation on the splicing result to obtain a hash value;
step S4032: and intercepting data with corresponding length from the hash value as the fourth key according to the data length of the received CAN data.
Step S404: and decrypting the received CAN data by using the fourth key.
After the third key is obtained, the received CAN data CAN be decrypted by using the third key and a decryption algorithm, so as to obtain decrypted plaintext data. The receiver can decrypt the data encrypted by the sender by adopting the same encryption algorithm as the sender.
Specifically, step S404 includes:
and carrying out bitwise XOR on the received CAN data and the fourth secret key to obtain a CAN data plaintext.
In the embodiment of the application, the decryption process of the CAN data received by the receiver is similar to the encryption process of the CAN data sent by the sender, after the receiver receives the CAN data ciphertext sent by the sender, a temporary key corresponding to the received CAN data is derived through a third key and a current fresh value of a vehicle-mounted CAN network, the temporary key is used for carrying out bitwise XOR operation on the CAN data ciphertext sent by the sender to obtain corresponding plaintext data, data decryption CAN be realized, and the safety of the CAN data is ensured.
Fig. 5 is a schematic structural diagram of a communication device of an in-vehicle CAN network according to an embodiment of the present application. As shown in fig. 5, an embodiment of the present application provides a communication device of an in-vehicle CAN network, applied to a sender, the communication device of the in-vehicle CAN network including:
an obtaining module 501 configured to obtain a first key and a current fresh value of an on-vehicle CAN network;
a splicing module 502 configured to splice the first key and the fresh value to obtain a splicing result;
a determining module 203 configured to determine a second key based on the splicing result and a data length of the CAN data to be transmitted;
an encryption module 504 configured to encrypt the CAN data to be transmitted with the second key.
The sending party is an Electronic Control Unit (ECU) in a vehicle-mounted CAN network, CAN obtain a temporary secret key according to a master secret key and a current fresh value, encrypts CAN message data by using the temporary secret key to obtain a safety message, then sends the safety message to a CAN bus, and sends the safety message to a receiving party through the CAN bus.
The communication apparatus of the on-vehicle CAN network corresponds to the communication method applied to the on-vehicle CAN network of the sender of the above-described embodiment, and any optional items in the communication method embodiment of the on-vehicle CAN network are also applicable to the present embodiment, and are not described in detail here.
Fig. 6 is a schematic structural diagram of another communication device of an in-vehicle CAN network according to an embodiment of the present application. As shown in fig. 6, an embodiment of the present application provides a communication device of an in-vehicle CAN network, which is applied to a receiving party, and includes:
an obtaining module 601 configured to obtain a third key and a current fresh value of the on-vehicle CAN network;
a splicing module 602 configured to splice the third key and the fresh value to obtain a splicing result;
a determining module 603 configured to determine a fourth key based on the splicing result and a data length of the CAN data received by the receiving side;
a decryption module 604 configured to decrypt the received CAN data using the fourth key.
The receiving party is an Electronic Control Unit (ECU) in the vehicle-mounted CAN network, CAN receive the encrypted CAN data ciphertext sent by the sending party through the CAN bus, obtains a temporary key according to a master key and a current fresh value of the vehicle-mounted CAN network, and decrypts the received CAN data ciphertext by using the temporary key to obtain plaintext data.
The communication apparatus of the on-vehicle CAN network corresponds to the communication method of the on-vehicle CAN network applied to the receiving side of the above-described embodiment, and any optional items in the communication method embodiment of the on-vehicle CAN network are also applicable to the present embodiment, and are not described in detail here.
The embodiment of the application also provides a vehicle, which comprises the sender and the receiver, wherein the sender and the receiver are different electronic control units of the vehicle, and are used for realizing communication among the different electronic control units.
The electronic control unit of the embodiment of the application comprises a memory and a processor, wherein the memory is used for storing executable program codes; the processor runs a program corresponding to the executable program code by reading the executable program code stored in the memory, for executing the above-described communication method of the in-vehicle CAN network.
In some embodiments, the processor may be a processing device including more than one general purpose processing device, such as a microprocessor, Central Processing Unit (CPU), Graphics Processing Unit (GPU), or the like. More specifically, the processor may be a Complex Instruction Set Computing (CISC) microprocessor, Reduced Instruction Set Computing (RISC) microprocessor, Very Long Instruction Word (VLIW) microprocessor, processor running other instruction sets, or processors running a combination of instruction sets. The processor may also be one or more special-purpose processing devices such as an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA), a Digital Signal Processor (DSP), a system on a chip (SoC), or the like.
The memory is a computer readable medium on which executable program code (e.g., software for implementing the methods of the present application) may be embedded to perform the communication methods of the in-vehicle CAN network described above.
The memory may also store keys, CAN data, and fresh values, etc., which may be old fresh values and current new fresh values. The memory may be volatile memory (e.g., random-access memory (RAM), which may include volatile RAM, magnetic RAM, ferroelectric RAM, and any other suitable form) or non-volatile memory (e.g., disk memory, flash memory, erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), memristor-based non-volatile solid-state memory, etc.).
In the embodiment of the application, the memory is preferably a nonvolatile memory to prevent the loss of fresh values; and a special safe memory is arranged in the electronic control unit to safely store the fresh value. The key and the CAN data may be stored in the secure memory or may be stored in a separate memory.
The above embodiments are only exemplary embodiments of the present application, and are not intended to limit the present application, and the protection scope of the present application is defined by the claims. Various modifications and equivalents may be made by those skilled in the art within the spirit and scope of the present application and such modifications and equivalents should also be considered to be within the scope of the present application.
Claims (9)
1. A communication method of a vehicle-mounted CAN network is applied to a sender, and is characterized by comprising the following steps:
acquiring a first secret key and a current fresh value of a vehicle-mounted CAN network;
splicing the first secret key and the fresh value to obtain a splicing result;
determining a second key based on the splicing result and the data length of the CAN data to be sent;
encrypting the CAN data to be transmitted by using the second key;
determining a second key based on the splicing result and the data length of the CAN data to be sent, wherein the determining of the second key comprises the following steps:
performing hash operation on the splicing result to obtain a hash value;
and intercepting data with corresponding length from the hash value as the second key according to the data length of the CAN data to be sent.
2. The method of claim 1, wherein encrypting the CAN data to be transmitted using the second key comprises:
and carrying out bitwise XOR on the CAN data to be sent and the second secret key to obtain a CAN data ciphertext.
3. The method of claim 1, wherein the algorithm of the hash operation comprises an SM3 algorithm, an MD5 algorithm, or an SHA algorithm, and wherein the hash value is 32 bytes in length.
4. The method of claim 1, wherein the fresh value is determined based on a frame counter, and wherein the fresh value comprises a trip counter, a reset counter, a message counter, and a reset flag.
5. The method of claim 4, wherein the on-board CAN network comprises a master electronic control unit and at least one slave electronic control unit, the trip counter, reset counter, and message counter each being monotonically incremented, the trip counter and reset counter of the slave electronic control unit being updated synchronously with changes in the trip counter and reset counter of the master electronic control unit; the message counter counts and updates when each CAN data message is successfully transmitted; the reset mark synchronizes the count value of the reset counter in the main electronic control unit in real time.
6. The method of claim 5, wherein the fresh value is 8 bytes in length and the trip counter and the reset counter are both 3 bytes.
7. A communication method of a vehicle-mounted CAN network is applied to a receiving party, and is characterized by comprising the following steps:
acquiring a third key and a current fresh value of the vehicle-mounted CAN network;
splicing the third key and the fresh value to obtain a splicing result;
determining a fourth key based on the splicing result and the data length of the CAN data received by the receiver;
decrypting the received CAN data by using the fourth key;
determining a fourth key based on the splicing result and the data length of the CAN data received by the receiver, wherein the fourth key comprises the following steps:
performing hash operation on the splicing result to obtain a hash value;
and intercepting data with corresponding length from the hash value as the fourth key according to the received data length of the CAN data.
8. A communication device of an on-vehicle CAN network is applied to a sender and is characterized by comprising:
the device comprises an acquisition module, a storage module and a control module, wherein the acquisition module is configured to acquire a first secret key and a current fresh value of an on-board CAN network;
the splicing module is configured to splice the first secret key and the fresh value to obtain a splicing result;
a determining module configured to determine a second key based on the splicing result and a data length of the CAN data to be transmitted;
an encryption module configured to encrypt the CAN data to be transmitted with the second key;
determining a second key based on the splicing result and the data length of the CAN data to be sent, wherein the determining of the second key comprises the following steps:
performing hash operation on the splicing result to obtain a hash value;
and intercepting data with corresponding length from the hash value as the second key according to the data length of the CAN data to be sent.
9. A communication device of an on-vehicle CAN network is applied to a receiving party and is characterized by comprising:
the acquisition module is configured to acquire a third key and a current fresh value of the vehicle-mounted CAN network;
the splicing module is configured to splice the third key and the fresh value to obtain a splicing result;
a determination module configured to determine a fourth key based on the splicing result and a data length of the CAN data received by the receiving side;
a decryption module configured to decrypt the received CAN data using the fourth key;
determining a fourth key based on the splicing result and the data length of the CAN data received by the receiver, wherein the fourth key comprises the following steps:
performing hash operation on the splicing result to obtain a hash value;
and intercepting data with corresponding length from the hash value as the fourth key according to the received data length of the CAN data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011535537.XA CN112688845B (en) | 2020-12-23 | 2020-12-23 | Communication method and device of vehicle-mounted CAN network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011535537.XA CN112688845B (en) | 2020-12-23 | 2020-12-23 | Communication method and device of vehicle-mounted CAN network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112688845A CN112688845A (en) | 2021-04-20 |
| CN112688845B true CN112688845B (en) | 2022-08-05 |
Family
ID=75450984
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011535537.XA Active CN112688845B (en) | 2020-12-23 | 2020-12-23 | Communication method and device of vehicle-mounted CAN network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112688845B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113472620A (en) * | 2021-06-23 | 2021-10-01 | 重庆长安汽车股份有限公司 | Management method and system for in-vehicle message authentication fresh value |
| EP4325766A4 (en) * | 2021-06-29 | 2024-06-05 | Huawei Technologies Co., Ltd. | Data transmission method and communication apparatus |
| CN114142998B (en) * | 2021-11-26 | 2024-03-15 | 北京神经元网络技术有限公司 | Data encryption processing method and device, electronic equipment and storage medium |
| CN115277219A (en) * | 2022-07-29 | 2022-11-01 | 中国第一汽车股份有限公司 | Message encryption method, message decryption method, message encryption device, message decryption device, and storage medium |
| CN115396190A (en) * | 2022-08-24 | 2022-11-25 | 北京天融信网络安全技术有限公司 | Data encryption method, decryption method and device |
| CN115664887A (en) * | 2022-10-20 | 2023-01-31 | 东风汽车股份有限公司 | Method for calculating load rate of CAN bus of whole vehicle |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106533697A (en) * | 2016-12-06 | 2017-03-22 | 上海交通大学 | Random number generating and extracting method and application thereof to identity authentication |
| CN106603485A (en) * | 2016-10-31 | 2017-04-26 | 美的智慧家居科技有限公司 | Secret key negotiation method and device |
| CN107480986A (en) * | 2017-08-14 | 2017-12-15 | 飞天诚信科技股份有限公司 | A kind of method and hardware wallet that digital cash wallet is realized using hardware |
| CN110120869A (en) * | 2019-03-27 | 2019-08-13 | 上海隔镜信息科技有限公司 | Key management system and cipher key service node |
Family Cites Families (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104852904B (en) * | 2015-04-16 | 2019-03-12 | 国家电网公司 | A kind of Server remote method for restarting applied based on cell phone application and Encrypted short message ceases |
| US10630481B2 (en) * | 2016-11-07 | 2020-04-21 | Ford Global Technologies, Llc | Controller area network message authentication |
| CN106411513B (en) * | 2016-12-02 | 2019-10-18 | 美的智慧家居科技有限公司 | Cryptographic key negotiation method and device in local area network communication |
| US10791125B2 (en) * | 2018-01-03 | 2020-09-29 | Ford Global Technologies, Llc | End-to-end controller protection and message authentication |
| CN109754322A (en) * | 2018-12-27 | 2019-05-14 | 石更箭数据科技(上海)有限公司 | A kind of data service system |
| DE102019204608B3 (en) * | 2019-04-01 | 2020-08-27 | Conti Temic Microelectronic Gmbh | Devices and methods for generating and authenticating at least one data packet to be transmitted in a bus system (BU) of a motor vehicle |
| CN110635898A (en) * | 2019-08-30 | 2019-12-31 | 深圳壹账通智能科技有限公司 | Encryption method and encryption system |
| CN110933110A (en) * | 2019-12-17 | 2020-03-27 | 东软集团股份有限公司 | Communication method, sending end, receiving end and vehicle of vehicle-mounted network |
| CN113132082A (en) * | 2020-01-10 | 2021-07-16 | 华为技术有限公司 | Communication method and device based on vehicle intranet |
-
2020
- 2020-12-23 CN CN202011535537.XA patent/CN112688845B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106603485A (en) * | 2016-10-31 | 2017-04-26 | 美的智慧家居科技有限公司 | Secret key negotiation method and device |
| CN106533697A (en) * | 2016-12-06 | 2017-03-22 | 上海交通大学 | Random number generating and extracting method and application thereof to identity authentication |
| CN107480986A (en) * | 2017-08-14 | 2017-12-15 | 飞天诚信科技股份有限公司 | A kind of method and hardware wallet that digital cash wallet is realized using hardware |
| CN110120869A (en) * | 2019-03-27 | 2019-08-13 | 上海隔镜信息科技有限公司 | Key management system and cipher key service node |
Non-Patent Citations (3)
| Title |
|---|
| Identification of inland fresh water wetland using SAR and ETM+ data;Renzong Ruan;《2007 IEEE International Geoscience and Remote Sensing Symposium》;20080107;全文 * |
| 基于多路密钥协商的物联网安全通信方法;谢婉娟;《计算机与现代化》;20150215(第02期);全文 * |
| 蓝牙安全中链接密钥改进的一种新机制;任秀丽等;《东北大学学报(自然科学版)》;20030530(第05期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112688845A (en) | 2021-04-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112688845B (en) | Communication method and device of vehicle-mounted CAN network | |
| CN108075897B (en) | Controller area network message authentication | |
| US10735435B2 (en) | Communication system, management node, normal node, counter synchronization method, and storage medium | |
| CN109600350B (en) | System and method for secure communication between controllers in a vehicle network | |
| US10735517B2 (en) | Communication system and communication method | |
| EP3451577B1 (en) | Computing device, authentication system, and authentication method | |
| US11539518B2 (en) | Time-based encryption key derivation | |
| KR102450811B1 (en) | System for key control for in-vehicle network | |
| CN104025506A (en) | Message authentication method in communication system and communication system | |
| CN112799706A (en) | Vehicle upgrade package processing method and device | |
| CN112910650B (en) | Authenticated encryption and decryption method and system | |
| CN107534558B (en) | Method for protecting the information security of data transmitted via a data bus and data bus system | |
| US12021999B2 (en) | Devices and methods for the generating and authentication of at least one data packet to be transmitted in a bus system (BU), in particular of a motor vehicle | |
| US20210144130A1 (en) | Method for securing communication without management of states | |
| CN112600838B (en) | CAN bus data encryption method and device, storage medium and electronic equipment | |
| CN115277219A (en) | Message encryption method, message decryption method, message encryption device, message decryption device, and storage medium | |
| Bittl | Attack potential and efficient security enhancement of automotive bus networks using short MACs with rapid key change | |
| CA3127711A1 (en) | Systems, methods and controllers for secure communications | |
| KR101705639B1 (en) | Method for transmitting and receiving a message in a vehicle network system | |
| WO2018040605A1 (en) | Data processing method and apparatus, and computer storage medium | |
| CN115834210A (en) | Quantum secure network data transmitting and receiving method and communication system | |
| CN113489589A (en) | Data encryption and decryption method and device and electronic equipment | |
| CN112152790A (en) | Data encryption method, data decryption method, data encryption device and data decryption device | |
| CN113132092B (en) | Communication method and electronic device | |
| CN112740726B (en) | Data transmission method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |